You wouldn't steal a /Flag.txt
Website is static page without much functionality, but there is one weird behaviour as it loads some base64
encoded files names.
In the website source code there are two kinds of imports, ones that are encoded in plain english, and one that are encoded in base64.
There are also two different error messages for 404 File Not Found
if path starts with assets
there are default Flask
404 page.
But if path starts with anything different there is custom Error: 404!
message. That indicates there are two different logics for accesing this paths.
When sending data encoded as base64 that utylize basic path traversal
thta isn't start with assets there is custom message error.
But when accesing it from any path that starts with assets path traversal works
Last updated